0 Votes
ujjwaldevarapalli asked MikeUrnun answered

Access Context Origin for conditional JWT validation

Hi,

I want to conditionally validate a JWT depending on the origin (subscriber).
I have an API on APIM which needs to support OAuth2 tokens from two IDPs.
If Origin is X, I want to validate the token against Identity provider X.
Else, validate against AAD using the validate-jwt policy.

Which context property would be best to do this conditional check?

azure-api-management

1 Answer

1 Vote
MikeUrnun answered

Hello @ujjwaldevarapalli - Why the conditional validation? Have you tried implementing a single <validate-jwt ...> policy with multiple issuers and signing keys? But if you must, I believe you can associate your subscribers to distinct products in APIM and do something like this: https://stackoverflow.com/a/64475306/528779


Thanks for the answer, Mike. I will use this approach suggested in the link. I didn't do validate-jwt for both the IDPs, as the response from the token validation endpoint of one of the IDPs is not standard. It needs to be parsed to evaluate the response.

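An added illustration of the product-based branching discussed in this thread, not code from the thread or from the linked post. The product name `idp-x-clients`, the IdP X endpoint URL, the `valid` response field, and the `TENANT_ID` / `API_APP_ID_URI` placeholders are assumptions. Branching on the product bound to the subscription key, rather than on the client-supplied `Origin` header, keeps the caller from selecting its own validator, and the IdP X branch rejects the request unless the endpoint explicitly confirms the token.

```xml
<!-- Added example. Product name, URLs, tenant, audience and the "valid" field
     are placeholders/assumptions, not values taken from this thread. -->
<inbound>
    <base />
    <choose>
        <!-- Subscribers that authenticate with IdP X are grouped into their own product -->
        <when condition="@(context.Product?.Name == "idp-x-clients")">
            <!-- Strip the "Bearer " scheme and keep only the token -->
            <set-variable name="token" value="@(context.Request.Headers.GetValueOrDefault("Authorization", "").Split(' ').Last())" />
            <!-- Ask IdP X's (non-standard) validation endpoint about the token -->
            <send-request mode="new" response-variable-name="idpXResult" timeout="10" ignore-error="true">
                <set-url>https://idp-x.example.com/token/validate</set-url>
                <set-method>POST</set-method>
                <set-header name="Content-Type" exists-action="override">
                    <value>application/x-www-form-urlencoded</value>
                </set-header>
                <set-body>@($"token={(string)context.Variables["token"]}")</set-body>
            </send-request>
            <choose>
                <!-- Fail closed: no response, non-200, or anything but valid == true is a 401 -->
                <when condition="@{
                    var r = context.Variables.GetValueOrDefault<IResponse>("idpXResult");
                    if (r == null || r.StatusCode != 200) { return true; }
                    return (bool?)r.Body.As<JObject>()["valid"] != true;
                }">
                    <return-response>
                        <set-status code="401" reason="Unauthorized" />
                    </return-response>
                </when>
            </choose>
        </when>
        <otherwise>
            <!-- Every other product: standard validation against AAD -->
            <validate-jwt header-name="Authorization" require-scheme="Bearer" failed-validation-httpcode="401" failed-validation-error-message="Unauthorized">
                <openid-config url="https://login.microsoftonline.com/TENANT_ID/v2.0/.well-known/openid-configuration" />
                <audiences>
                    <audience>API_APP_ID_URI</audience>
                </audiences>
            </validate-jwt>
        </otherwise>
    </choose>
</inbound>
```

Requests without a subscription key have no `context.Product` and fall through to the AAD branch, so the IdP X path is reachable only through that product's subscriptions.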